Cyber GRC Specialist

Client of Stellar Hunters

Employer Active

Posted 9 hrs ago

Experience

3 - 5 Years

Education

Bachelor of Science (Computers)

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities

Key Responsibilities

  • Develop, maintain, and operationalize cybersecurity policies, standards, and procedures aligned with industry frameworks and regulatory requirements (e.g., NIST CSF, ISO 27001, SOC 2, PCI, relevant regional regulations).

  • Support security governance forums and reporting to senior leadership and stakeholders on cyber risk, control effectiveness, and remediation progress.

  • Collaborate with cross-functional teams to ensure security requirements are integrated into business processes, projects, and third-party relationships.

Risk Management & Assessments

  • Conduct and coordinate risk assessments, control gap analyses, and threat/risk modeling for systems, applications, and third-party services.

  • Maintain the risk register, prioritize remediation activities, and track closure of identified vulnerabilities and control deficiencies.

  • Perform vendor security and risk assessments; review third-party contracts and recommend appropriate security controls and contractual language.

Compliance & Audit Support

  • Support internal and external compliance initiatives, audits, and certifications (e.g., SOC 2, ISO 27001), including evidence collection, control testing, and remediation coordination.

  • Monitor regulatory and industry compliance requirements and translate obligations into practical control and process requirements across the organization.

  • Prepare and maintain documentation, control narratives, and artifacts required for assessments and regulatory inquiries.

Incident Response & Continuous Improvement

  • Participate in incident response planning and post-incident reviews; advise on control improvements and regulatory/contractual notification considerations.

  • Collaborate with Security Operations and IT teams to ensure controls are effectively implemented, monitored, and improved based on lessons learned and evolving threats.

  • Identify opportunities to automate control monitoring, reporting, and GRC workflows using GRC platforms and security tooling.

Training, Awareness & Advisory

  • Develop and deliver role-based security awareness, GRC guidance, and targeted training for employees, contractors, and business partners.

  • Provide practical, risk-based advisory to Product, Engineering, IT, and business teams on secure design, control selection, and compliance requirements.

  • Act as a trusted advisor for security and compliance questions related to new projects, cloud deployments, and third-party integrations.

Desired Candidate Profile

Required Qualifications - Skills & Experience

  • Bachelor's degree in Information Security, Computer Science, Cybersecurity, Risk Management, or a related field, or equivalent practical experience.

  • 3+ years of demonstrated experience in cybersecurity GRC, risk management, compliance, or related roles within a commercial or regulated environment.

  • Familiarity with common cybersecurity frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2) and practical experience applying them.

  • Experience performing risk assessments, vendor/security assessments, control gap analysis, and supporting audits or certifications.

  • Working knowledge of cloud security concepts (AWS, Azure, GCP), identity and access management, and common security controls.

  • Strong written and verbal communication skills with the ability to document controls, prepare executive reports, and communicate with technical and non-technical stakeholders.

  • Experience with GRC platforms, ticketing systems, and security assessment tools; comfortable working in cross-functional, fast-paced environments.

Preferred Qualifications

  • Relevant certifications such as CISSP, CISM, CRISC, CGEIT, or certification in GRC platforms preferred.

  • Experience supporting SOC 2, ISO 27001, or other compliance programs and working with external auditors.

  • Prior exposure to privacy requirements and to how data protection interacts with cybersecurity controls is a plus.

  • Experience in cloud-native environments, DevSecOps practices, and automation of control monitoring is advantageous.

Company Industry

Department / Functional Area

Keywords

  • Cyber GRC Specialist
